Source: Huawei UK Gov Business Still Suffering From China Connection

Huawei is struggling to shed the negative perception it has because of ties with China, a source says

Huawei is continuing to find it difficult to sell to the UK government because of the vendor’s origins and connections in China, a source close to the company told TechWeekEurope.

Fears over Huawei kit have stemmed from the firm’s ties with the Chinese military – the People’s Liberation Army – and government. Some have raised concerns that the Chinese might place covert software in Huawei systems to spy on other nations. “There is still that perception of Huawei,” the source said.

The source said they did not expect Huawei UK to gain much work where the government is managing sensitive data, but where non-sensitive data is being handled, the government could “open up”, the source said.

Huawei has brought in a number of former British government employees over the last two years. The biggest name signing was John Suffolk, former government CIO, who now runs global security for the company. The source denied the British additions to Huawei would help it gain extra traction within government, where they only have “a few contracts”.

A ‘cell’ for screening?

TechWeekEurope understands one of the chiefs of Huawei’s Cyber Security Evaluation Centre has 40 years of experience in GCHQ, having worked out of the Cheltenham hub.

That centre, based in the UK, was established in late 2010 and is being used to test the security of network products of Huawei and its partners. Huawei has a team of penetration testers and software analysts who try to find security flaws in systems.

But one Cabinet Office source said the government uses a specialist “cell” to screen Huawei gear, saying no other vendor had to go through the same process as Huawei did. This would indicate reservations about using the Chinese firm’s equipment.

Yet when quizzed about what that “cell” was, the Cabinet Office said there was no such body, pointing TechWeekEurope to Huawei’s evaluation centre. CESG, the information assurance arm of GCHQ, works closely with the centre to check product security.

According to a Huawei spokesperson, some workers at the centre are British nationals and all have received formal security clearance.

Despite the source’s claims that the China connection was making life difficult for the vendor in the UK, Huawei has been linked to the black boxes that will be placed in UK ISPs in data centres to store citizens’ communications data. That could come about if the Communications Data Bill or ‘Snooper’s Charter’, in its current form, becomes an Act of Parliament.

Huawei’s kit has already been widely deployed by the UK’s biggest ISP – BT. In 2005, Huawei’s hardware was used as part of a major upgrade of BT’s network.

The company is finding it even more difficult in other regions. This March, it was barred from bidding for work on Australia’s National Broadband Network, a £24 billion initiative designed to bring high-speed connections to the country.

The Huawei spokesperson said the vendor would happily set up similar screening centres to the facility in the UK. At no point has Huawei kit been found to contain backdoors or anything that could be used for surreptitious means, the spokesperson added.

A common way for criminals to attack people is via websites, unfortunately this includes legitimate sites that have been hacked or compromised in some way. This puts your visitors and your reputation on the line, so every website owner needs to understand the risks posed by cybercrime and how to prevent it. This essential survival […]

Nearly a quarter of IT managers simply don’t know how secure their website is.1 However, with the number of web-attacks blocked per day rising from 190,370 to 247,350 between 2011 and 2012, it’s vital for businesses to understand the part their website plays in the distribution of malware to clients, customers and the wider online […]

Would you be so confident about the security of your money if your bank accidentally disclosed the details of half the accounts it held? The problem is that many businesses simply don’t realise the risk that their website poses to their business and just how vulnerable their sites are without proper security and monitoring.

The debate over advanced evasion techniques (AETs). To assess what IT security professionals understand about AETs and what measures have been put in place to stop them, McAfee commissioned Vanson Bourne in January 2014 to survey 800 CIOs and security managers from the US, UK, Germany, France, Australia, Brazil, and South Africa.